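/**
 * Handle the login form POST: validate the form, check the submitted
 * credentials through LoginDao and, on success, store the user's role in the
 * 'myacl' session container.
 *
 * Outcomes:
 *  - invalid form           -> message in the 'error' container, redirect to 'Login'
 *  - no matching row        -> "incorrect credentials" message, redirect to 'Login'
 *  - exactly one match      -> role stored in 'myacl', redirect to 'rubrique'
 *  - any other row count    -> "contact the administrator" message, redirect to 'Login'
 *  - request is not a POST  -> nothing is done and null is returned
 *
 * @return mixed the redirect result for POST requests, null otherwise
 */
public function authAction()
{
    $this->loginDao   = new LoginDao();
    $this->translator = $this->getServiceLocator()->get('translator');

    $form    = new LoginForm();
    $request = $this->getRequest();

    if (!$request->isPost()) {
        // Only POST submissions are processed by this action.
        return;
    }

    $form->setInputFilter(new LoginInputFilter());
    $form->setData($request->getPost());

    if (!$form->isValid()) {
        // Author's note: typically reached when the CSRF token no longer
        // matches. Any other validation failure ends up here as well and
        // gets the same generic message.
        $loginaccess = new \Zend\Session\Container('error');
        $loginaccess->error = $this->translator->translate('Veuillez rafraichir la page et recommencer svp.');

        return $this->redirect()->toRoute('Login');
    }

    $login = Login::fromForm($form->getData());
    $utils = new Utils();

    // Filter each value once and reuse it for both DAO calls.
    // NOTE(review): the password goes through the same helper as the user
    // name; judging by its name it strips tags, replaces HTML characters and
    // trims, so the value checked may differ from what was typed. Markup
    // filtering belongs at output time and passwords are normally verified
    // unmodified (password_hash()/password_verify()). Left unchanged because
    // stored credentials may depend on it - confirm against LoginDao.
    $user = $utils->stripTags_replaceHtmlChar_trim($login->getUser(), true, true, false);
    $pwd  = $utils->stripTags_replaceHtmlChar_trim($login->getPwd(), true, true, false);

    $rowNb = $this->loginDao->getAuthenticationByUserAndPwd($user, $pwd);

    // Loose comparisons are kept on purpose: the DAO's return type is not
    // visible here, and with == a null/false result is treated as "no match".
    if ($rowNb == 0) {
        // One message for unknown user and wrong password alike.
        $loginaccess = new \Zend\Session\Container('error');
        $loginaccess->error = $this->translator->translate('Veuillez recommencer le nom d\'utilisateur et/ou le mot de passe sont incorrects');

        return $this->redirect()->toRoute('Login');
    }

    if ($rowNb == 1) {
        $loginaccess = new \Zend\Session\Container('myacl');
        $role = $this->loginDao->getRole($user, $pwd);

        // Issue a fresh session id at the moment the session gains a role, so
        // an id that existed before authentication does not carry the new
        // privileges (session fixation). Session data is preserved.
        $loginaccess->getManager()->regenerateId(true);
        $loginaccess->role = $role;

        return $this->redirect()->toRoute('rubrique');
    }

    // More than one row matched the same credentials: refuse the login.
    $loginaccess = new \Zend\Session\Container('error');
    $loginaccess->error = $this->translator->translate('Veuillez contacter l\'administrateur du site svp.');

    return $this->redirect()->toRoute('Login');
}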
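/**
 * Show the login form and, on POST, look the submitted credentials up through
 * the login table.
 *
 * A valid form with a matching record redirects to the 'loggedin' action, a
 * valid form without one redirects to 'loginfail'. An invalid form prints its
 * validation messages and falls through to re-render the form.
 *
 * @return mixed a redirect result, or array('form' => LoginForm) for the view
 */
public function loginAction()
{
    $form = new LoginForm();
    $form->get('submit')->setValue('Login');

    $request = $this->getRequest();
    if (!$request->isPost()) {
        return array('form' => $form);
    }

    $login = new Login();
    $form->setInputFilter($login->getInputFilter());
    $form->setData($request->getPost());

    if ($form->isValid()) {
        $login->exchangeArray($form->getData());

        // NOTE(review): the password is handed to the table class as
        // submitted; whether it is hashed and verified inside
        // getLoginbyusernamepassword() cannot be seen from here - confirm.
        $user = $this->getLoginTable()->getLoginbyusernamepassword($login->username, $login->password);

        // Loose comparison kept deliberately: with != a false or empty result
        // is treated like null and the login fails. Switching to !== would
        // let such a "not found" value through as a successful login.
        if ($user != null) {
            // NOTE(review): nothing in this method records the authenticated
            // identity in the session, so reaching the 'loggedin' action is
            // not by itself proof of authentication.
            return $this->redirect()->toRoute('login', array('action' => 'loggedin'));
        }

        return $this->redirect()->toRoute('login', array('action' => 'loginfail'));
    }

    // getMessages() returns the messages grouped per form element, so each
    // entry is normally an array. Flatten it instead of interpolating the
    // array itself, and escape the text because it is written straight into
    // the response and validator messages can echo back submitted input.
    foreach ($form->getMessages() as $messageId => $message) {
        $texts = is_array($message)
            ? new \RecursiveIteratorIterator(new \RecursiveArrayIterator($message))
            : array($message);
        $safeId = htmlspecialchars((string) $messageId, ENT_QUOTES, 'UTF-8');

        foreach ($texts as $text) {
            $safeText = htmlspecialchars((string) $text, ENT_QUOTES, 'UTF-8');
            echo "Validation failure '{$safeId}': {$safeText}\n";
        }
    }

    return array('form' => $form);
}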
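/**
 * Render the admin login form with the login layout and, on a valid POST,
 * authenticate against the 'admins' table through the authentication service.
 *
 * - identity not found / credential invalid -> redirect to /login/login-failure
 * - success -> identity row (without the 'password' column) written to the
 *   auth storage, a row inserted through insertSession(), redirect to
 *   /admin/index
 * - any other result code -> the result messages are passed to the view
 *
 * @return mixed a redirect result, or a ViewModel holding 'form' and 'messages'
 */
public function logAction()
{
    // Use the dedicated login layout so the wrong layout is never shown.
    $layout = $this->layout();
    $layout->setTemplate('login/login/layout');

    $form = new LoginForm();
    $form->get('submit')->setValue('Login');
    $messages = null;

    $request = $this->getRequest();
    if ($request->isPost()) {
        $form_filters = new Login();
        $form->setInputFilter($form_filters->getInputFilter());
        $form->setData($request->getPost());

        if ($form->isValid()) {
            // Filtered form values as an associative array.
            $data = $form->getData();

            $sm = $this->getServiceLocator();
            $db_adapter = $sm->get('Zend\\Db\\Adapter\\Adapter');
            $auth_adapter = new AuthAdapter($db_adapter, 'admins', 'username', 'password');

            // NOTE(review): the credential is compared as submitted (the
            // author's note says to "change this back to hash('sha512')"), so
            // this only matches if admins.password holds the value in that
            // same form. A salted password hash checked with
            // password_verify() is the appropriate scheme - confirm how the
            // column is populated before changing this.
            $auth_adapter->setIdentity($data['admin_username'])->setCredential($data['admin_password']);

            $auth = $this->getServiceLocator()->get('Zend\\Authentication\\AuthenticationService');
            $result = $auth->authenticate($auth_adapter);

            switch ($result->getCode()) {
                case Result::FAILURE_IDENTITY_NOT_FOUND:
                case Result::FAILURE_CREDENTIAL_INVALID:
                    // Same destination for both, so the response does not
                    // reveal whether the user name or the password was wrong.
                    return $this->redirect()->toUrl('/login/login-failure');

                case Result::SUCCESS:
                    // Keep the matched row as the identity, omitting the
                    // 'password' column so it is not kept in the session.
                    $storage = $auth->getStorage();
                    $storage->write($auth_adapter->getResultRowObject(null, 'password'));

                    // Give the now-authenticated session a fresh id before it
                    // is recorded, so an id that existed before login does
                    // not become an admin session (session fixation).
                    if (session_id() !== '' && !headers_sent()) {
                        session_regenerate_id(true);
                    }

                    try {
                        // NOTE(review): an unsalted SHA-512 of the password is
                        // stored with the session row. A session record does
                        // not normally need any password derivative; review
                        // insertSession() and the table schema.
                        $this->getLoginTable()->insertSession($data['admin_username'], hash('sha512', $data['admin_password']), session_id());
                    } catch (\ErrorException $e) {
                        // The identity was already persisted above; drop it so
                        // a failed session insert does not leave the user
                        // authenticated while being sent to the failure page.
                        $auth->clearIdentity();

                        return $this->redirect()->toUrl('/login/login-failure');
                    }

                    // Presumably always true in this branch (Result::SUCCESS
                    // is 1 in Zend\Authentication\Result); kept as written.
                    if ($result->getCode() == 1) {
                        return $this->redirect()->toUrl('/admin/index');
                    }
            }

            // Remaining result codes: collect the adapter's messages for the
            // view. NOTE(review): the template should escape them on output.
            foreach ($result->getMessages() as $message) {
                $messages .= "{$message}\n";
            }
        }
    }

    return new ViewModel(array('form' => $form, 'messages' => $messages));
}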